subject:"Max\-All\-Session counter module problem"

Max-All-Session counter module problem

2009-08-30 Thread Bishal Pun


Hi,

I am posting the debug of another user who has same problem:

rad_recv: Access-Request packet from host 202.79.xx.XX port 65050,
id=12, length=189
   NAS-Identifier = pppoe-bhw.
   Acct-Session-Id = 1633129-mpd-pppoe-70
   NAS-Port = 70
   NAS-Port-Type = Ethernet
   Service-Type = Framed-User
   Framed-Protocol = PPP
   Calling-Station-Id = 0016768aaa28
   Called-Station-Id = WIFITEST
   NAS-Port-Id = rl0
   Vendor-12341-Attr-12 = 0x6d70642d7070706f652d3730
   Tunnel-Medium-Type:0 = IEEE-802
   Tunnel-Client-Endpoint:0 = 00:16:76:8a:aa:28
   User-Name = sneha
   User-Password = 123
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = sneha, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[sql]   expand: %{User-Name} - sneha
[sql] sql_set_user escaped user -- 'sneha'
rlm_sql (sql): Reserving sql socket id: 1
[sql]   expand: SELECT id, username, attribute, value, op   FROM
radcheck   WHERE username = '%{SQL-User-Name}'   ORDER
BY id - SELECT id, username, attribute, value, op   FROM
radcheck   WHERE username = 'sneha'   ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op   FROM
radreply   WHERE username = '%{SQL-User-Name}'   ORDER
BY id - SELECT id, username, attribute, value, op   FROM
radreply   WHERE username = 'sneha'   ORDER BY id
[sql]   expand: SELECT groupname   FROM radusergroup  
WHERE username = '%{SQL-User-Name}'   ORDER BY priority -

SELECT groupname   FROM radusergroup   WHERE username =
'sneha'   ORDER BY priority
[sql]   expand: SELECT id, groupname, attribute,   Value,
op   FROM radgroupcheck   WHERE groupname =
'%{Sql-Group}'   ORDER BY id - SELECT id, groupname,
attribute,   Value, op   FROM radgroupcheck  
WHERE groupname = 'Prepaid Hours'   ORDER BY id

[sql] User found in group Prepaid Hours
[sql]   expand: SELECT id, groupname, attribute,   value,
op   FROM radgroupreply   WHERE groupname =
'%{Sql-Group}'   ORDER BY id - SELECT id, groupname,
attribute,   value, op   FROM radgroupreply  
WHERE groupname = 'Prepaid Hours'   ORDER BY id

rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
[ldap] performing user authorization for sneha
[ldap] WARNING: Deprecated conditional expansion :-.  See man unlang
for details
[ldap]  expand: (cn=%{Stripped-User-Name:-%{User-Name}}) - (cn=sneha)
[ldap]  expand: ou=users,ou=radius,dc=resunganet,dc=com,dc=np -
ou=users,ou=radius,dc=resunganet,dc=com,dc=np
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in
ou=users,ou=radius,dc=resunganet,dc=com,dc=np, with filter (cn=sneha)
[ldap] checking if remote access for sneha is allowed by dialupAccess
[ldap] Added User-Password = {SSHA}zG7/cgoBWWNIVo7WtLMria1ui7GJAztI in
check items
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
[ldap] user sneha authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand:  'SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{User-Name}''
[noresetcounter]expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='%{User-Name}' - SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='sneha'
sqlcounter_expand:  '%{sql:SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='sneha'}'
[noresetcounter] sql_xlat
[noresetcounter]expand: %{User-Name} - sneha
[noresetcounter] sql_set_user escaped user -- 'sneha'
[noresetcounter]expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='sneha' - SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='sneha'
rlm_sql (sql): Reserving sql socket id: 0
[noresetcounter] sql_xlat finished
rlm_sql (sql): Released sql socket id: 0
[noresetcounter]expand: %{sql:SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='sneha'} - 90001
rlm_sqlcounter: (Check item - counter) is less than zero
rlm_sqlcounter: Rejected user sneha, check_item=9, counter=90001
++[noresetcounter] returns reject
Invalid user (rlm_sqlcounter: Maximum never usage time reached): [sneha]
(from client pppoe-bhw port 70 cli 0016768aaa28)
Using Post-Auth-Type Reject
+- entering group REJECT {...}
===
check_item shows 9 whereas I have updated the radcheck
Max-All-Session Value by 18 but still Reject with Maximum never
usage time reached?

radcheck table output of user sneha:

2901 | sneha| Max-All-Session| := | 18  |


Thank you
Bishal

  I am using Freeradius 2.1.6 with LDAP for

Max-All-Session counter module problem[SOLVED]

2009-08-30 Thread Bishal Pun


Hello all,

Problem is solved. Actually it was due to radgroupcheck table. There I have 
inserted Max-All-Session as 9. I deleted it and now the user can log in.


Thank you
Bishal






Hi,

I am posting the debug of another user who has same problem:

rad_recv: Access-Request packet from host 202.79.xx.XX port 65050,
id=12, length=189
  NAS-Identifier = pppoe-bhw.
  Acct-Session-Id = 1633129-mpd-pppoe-70
  NAS-Port = 70
  NAS-Port-Type = Ethernet
  Service-Type = Framed-User
  Framed-Protocol = PPP
  Calling-Station-Id = 0016768aaa28
  Called-Station-Id = WIFITEST
  NAS-Port-Id = rl0
  Vendor-12341-Attr-12 = 0x6d70642d7070706f652d3730
  Tunnel-Medium-Type:0 = IEEE-802
  Tunnel-Client-Endpoint:0 = 00:16:76:8a:aa:28
  User-Name = sneha
  User-Password = 123
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = sneha, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[sql]   expand: %{User-Name} - sneha
[sql] sql_set_user escaped user -- 'sneha'
rlm_sql (sql): Reserving sql socket id: 1
[sql]   expand: SELECT id, username, attribute, value, op   FROM
radcheck   WHERE username = '%{SQL-User-Name}'   ORDER
BY id - SELECT id, username, attribute, value, op   FROM
radcheck   WHERE username = 'sneha'   ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op   FROM
radreply   WHERE username = '%{SQL-User-Name}'   ORDER
BY id - SELECT id, username, attribute, value, op   FROM
radreply   WHERE username = 'sneha'   ORDER BY id

[sql] expand: SELECT groupname FROM radusergroup WHERE username = 
'%{SQL-User-Name}' ORDER BY priority -


SELECT groupname   FROM radusergroup   WHERE username =
'sneha'   ORDER BY priority
[sql]   expand: SELECT id, groupname, attribute,   Value,
op   FROM radgroupcheck   WHERE groupname =
'%{Sql-Group}'   ORDER BY id - SELECT id, groupname,

attribute, Value, op FROM radgroupcheck WHERE groupname = 'Prepaid 
Hours' ORDER BY id


[sql] User found in group Prepaid Hours
[sql]   expand: SELECT id, groupname, attribute,   value,
op   FROM radgroupreply   WHERE groupname =
'%{Sql-Group}'   ORDER BY id - SELECT id, groupname,

attribute, value, op FROM radgroupreply WHERE groupname = 'Prepaid 
Hours' ORDER BY id


rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
[ldap] performing user authorization for sneha
[ldap] WARNING: Deprecated conditional expansion :-.  See man unlang
for details
[ldap]  expand: (cn=%{Stripped-User-Name:-%{User-Name}}) - (cn=sneha)
[ldap]  expand: ou=users,ou=radius,dc=resunganet,dc=com,dc=np -
ou=users,ou=radius,dc=resunganet,dc=com,dc=np
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in
ou=users,ou=radius,dc=resunganet,dc=com,dc=np, with filter (cn=sneha)
[ldap] checking if remote access for sneha is allowed by dialupAccess
[ldap] Added User-Password = {SSHA}zG7/cgoBWWNIVo7WtLMria1ui7GJAztI in
check items
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
[ldap] user sneha authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand:  'SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{User-Name}''
[noresetcounter]expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='%{User-Name}' - SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='sneha'
sqlcounter_expand:  '%{sql:SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='sneha'}'
[noresetcounter] sql_xlat
[noresetcounter]expand: %{User-Name} - sneha
[noresetcounter] sql_set_user escaped user -- 'sneha'
[noresetcounter]expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='sneha' - SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='sneha'
rlm_sql (sql): Reserving sql socket id: 0
[noresetcounter] sql_xlat finished
rlm_sql (sql): Released sql socket id: 0
[noresetcounter]expand: %{sql:SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='sneha'} - 90001
rlm_sqlcounter: (Check item - counter) is less than zero
rlm_sqlcounter: Rejected user sneha, check_item=9, counter=90001
++[noresetcounter] returns reject
Invalid user (rlm_sqlcounter: Maximum never usage time reached): [sneha]
(from client pppoe-bhw port 70 cli 0016768aaa28)
Using Post-Auth-Type Reject
+- entering group REJECT {...}
===
check_item shows 9 whereas I have updated the radcheck
Max-All-Session Value by 18 but still Reject with Maximum never
usage time reached?

radcheck table output of user sneha:

2901 | sneha| Max-All-Session| := | 18

Max-All-Session counter module problem

Max-All-Session counter module problem[SOLVED]

2 matches

Site Navigation

Mail list logo

Footer information